Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 18:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix wrong reply to simple name when --domain-needed set and no servers configured.

Browse Source 
Also return REFUSED and not SERVFAIL when out of memory.

Thanks to Allain Legacy for problem report.
This commit is contained in:
Simon Kelley
2016-01-19 21:23:30 +00:00
parent f7443d76f7
commit d05dd58de1
3 changed files with 17 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGELOG
View File

@@ -22,6 +22,15 @@ version 2.76
reading a hosts-file fails. Thanks to André Glüpker reading a hosts-file fails. Thanks to André Glüpker
for the patch. for the patch.
Fix wrong answer to simple name query when --domain-needed
set, but no upstream servers configured. Dnsmasq returned
REFUSED, in this case, when it should be the same as when
upstream servers are configured - NOERROR. Thanks to
Allain Legacy for spotting the problem.
Return REFUSED when running out of forwarding table slots,
not SERVFAIL.
version 2.75 version 2.75
Fix reversion on 2.74 which caused 100% CPU use when a Fix reversion on 2.74 which caused 100% CPU use when a

13
src/forward.c
View File

@@ -249,9 +249,7 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
(void)do_bit; (void)do_bit;
/* may be no servers available. */ /* may be no servers available. */
if (!daemon->servers) if (forward || (hash && (forward = lookup_frec_by_sender(ntohs(header->id), udpaddr, hash))))
forward = NULL;
else if (forward || (hash && (forward = lookup_frec_by_sender(ntohs(header->id), udpaddr, hash))))
{ {
/* If we didn't get an answer advertising a maximal packet in EDNS, /* If we didn't get an answer advertising a maximal packet in EDNS,
fall back to 1280, which should work everywhere on IPv6. fall back to 1280, which should work everywhere on IPv6.
@@ -334,9 +332,9 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
#endif #endif
type &= ~SERV_DO_DNSSEC; type &= ~SERV_DO_DNSSEC;
if (!flags && !(forward = get_new_frec(now, NULL, 0))) if (daemon->servers && !flags)
/* table full - server failure. */ forward = get_new_frec(now, NULL, 0);
flags = F_NEG; /* table full - flags == 0, return REFUSED */
if (forward) if (forward)
{ {
@@ -1621,6 +1619,9 @@ unsigned char *tcp_request(int confd, time_t now,
unsigned int mark = 0; unsigned int mark = 0;
int have_mark = 0; int have_mark = 0;
(void)mark;
(void)have_mark;
if (getpeername(confd, (struct sockaddr *)&peer_addr, &peer_len) == -1) if (getpeername(confd, (struct sockaddr *)&peer_addr, &peer_len) == -1)
return packet; return packet;

4
src/rfc1035.c
View File

@@ -896,9 +896,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
header->nscount = htons(0); header->nscount = htons(0);
header->arcount = htons(0); header->arcount = htons(0);
header->ancount = htons(0); /* no answers unless changed below */ header->ancount = htons(0); /* no answers unless changed below */
if (flags == F_NEG) if (flags == F_NOERR)
SET_RCODE(header, SERVFAIL); /* couldn't get memory */
else if (flags == F_NOERR)
SET_RCODE(header, NOERROR); /* empty domain */ SET_RCODE(header, NOERROR); /* empty domain */
else if (flags == F_NXDOMAIN) else if (flags == F_NXDOMAIN)
SET_RCODE(header, NXDOMAIN); SET_RCODE(header, NXDOMAIN);